Blizzard has posted a message in response to the perception that recent reports of account hacking in Diablo III represent an uptick in such incidents. They say the number of compromised accounts does not represent anything unusual for their games, and that they continue to recommend the use of the Battle.net Authenticator or the Battle.net Mobile Authenticator for best security of your Battle.net account:

We'd like to take a moment to address the recent reports that suggested that Battle.net® and Diablo® III may have been compromised. Historically, the release of a new game -- such as a World of Warcraft® expansion -- will result in an increase in reports of individual account compromises, and that's exactly what we're seeing now with Diablo III. We know how frustrating it can be to become the victim of account theft, and as always, we're dedicated to doing everything we can to help our players keep their Battle.net accounts safe -- and we appreciate everyone who's doing their part to help protect their accounts as well. You can read about ways to help keep your account secure, along with some of the internal and external measures we have in place to help us achieve our security goals, at our account security website here: www.battle.net/security.

We also wanted to reassure you that the Battle.net Authenticator and Battle.net Mobile Authenticator (a free app for iPhone and Android devices) continue to be some of the most effective measures we offer to help players protect themselves against account compromises, and we encourage everyone to take advantage of them. In addition, we also recently introduced a new service called Battle.net SMS Protect, which allows you to use your text-enabled cell phone to unlock a locked Battle.net account, recover your account name, approve a password reset, or remove a lost Authenticator. Optionally, you can set up the Battle.net SMS Protect system to send you a text message whenever unusual activity is detected on your account, keeping you aware of important (and possibly unwanted) changes.

We also have other measures built into Battle.net to help protect players. Occasionally, when Battle.net detects unusual login activity that differs from your normal behavior -- such as logging in from an unfamiliar location -- we may prompt you for additional information (such as the answer to one of your security questions) and/or require you to perform a password reset through the Battle.net website. World of Warcraft players might be familiar with this security method already, and Diablo III players may begin to encounter it as well.

Kitkoan wrote on May 23, 2012, 00:00:What kind of questions are those and thousands of them are being guessed too? Those are rarely touched after first done so a key logger doubtfully would get so many. If they are popping up for hacked accounts, how are they cracking account name, password and rarely touched but uniquely answered private questions? All without getting noticed to a IP/unique warden based ban?

Considering you can glean the answers to most security questions in about 30 seconds because people are idiots and post everything online, I'm sure you can see the problem already. Facebook makes circumventing that trivial, especially since most people use a school, town, pet, or current s/o as their questions.

To be fair, most outfits just make you choose from a pre-selected 6 or 8 options, and they'll all retardedly easy questions to figure out about somebody.

There's very few places that allow you to specify both the answer as well as the question.